We compared Sonatype Nexus Repository and JFrog Artifactory based on our user's reviews in several parameters.
In comparing Sonatype Nexus Repository and JFrog Artifactory, both offer reliable artifact management, seamless integration with build tools, and valuable customer support. Sonatype stands out for its robust security and customizable permissions, while JFrog is praised for its high-quality storage capabilities and ease of use. Sonatype offers cost-effective pricing and positive ROI, while JFrog is commended for its efficient efficiency and productivity gains. However, users note room for improvement in Sonatype's UI and setup process, while JFrog users seek enhancements in UI, customization, and performance.
Features: Sonatype Nexus Repository stands out for its robust security, customizable user permissions, and seamless integration with build tools. JFrog Artifactory impresses users with its efficient storage and management capabilities, reliable performance, and intuitive navigation.
Pricing and ROI: The setup cost of Sonatype Nexus Repository has been praised for being reasonable and competitive. Users have found the process straightforward with minimal costs. On the other hand, JFrog Artifactory is appreciated for its affordability and flexible pricing options, with a reasonable setup cost and straightforward licensing terms., Sonatype Nexus Repository has shown positive outcomes in terms of ROI with cost-effectiveness, streamlined development process, improved security, and reduced troubleshooting time. Users appreciate its value and utility. On the other hand, JFrog Artifactory provides enhanced efficiency, improved software development processes, increased productivity, time savings, reduced errors, and a centralized artifact repository. It proves to be a valuable investment, benefiting organizations substantially.
Room for Improvement: Sonatype Nexus Repository users have called for improvements in the user interface, setup process, and documentation. JFrog Artifactory users have suggested enhancements in usability, customization options, performance, and documentation.
Deployment and customer support: Users' reviews indicate that both Sonatype Nexus Repository and JFrog Artifactory require a significant amount of time for deployment and setup. However, the reviews highlight a difference in interpretations, as one Sonatype user suggests the terms refer to separate timeframes, while JFrog users imply they likely represent the same period., Users have praised both Sonatype Nexus Repository and JFrog Artifactory for their customer service and support. Sonatype is known for its knowledgeable and efficient assistance, while JFrog is praised for its prompt and helpful assistance and responsiveness.
The summary above is based on 14 interviews we conducted recently with Sonatype Nexus Repository and JFrog Artifactory users. To access the review's full transcripts, download our report.
"The package registries have been helpful. GitLab, our previous solution, wasn't managing that well."
"The most valuable feature I have found is the JFrog CLI."
"The most valuable feature is that it is a centralized repository and that you can open multiple repositories for different types of artifacts."
"The most valuable feature right now is that the tool is invisible. I've set it up so that it works in my build process and my release processes, and it just works. I hardly ever need to go into the UI to check up on things or correct anything. By far, the biggest feature for me is that after setup, it just keeps on working."
"The feature that I like is Permission Targets. If I want to give permission to only deploy the cache, I can give that permission to a set of users. Similarly, if I want to overwrite an artifact with the same name from the same pipeline, I can give permission for that as well to particular users."
"The core functionality is most valuable for indexing and metadata of all the artifacts, but within the last year or two, we've been using the Projects feature, which has been very helpful. We can now assign individual admins for different projects and repos so that they can self-manage their own user permissions for their data. My IT DevOps team doesn't have to be the facilitators of that. It's now more of a self-service capability for them."
"HPE was using it for a lot of things, and they certainly had a massive implementation."
"For us, the ability to do proxying and federations of repositories is very important. It gives us flexibility. We are the largest physics research laboratory in the world. With 12,000 people, we need to have good solutions to federate organizations inside our lab."
"The customer service and support are good ."
"The key benefit we get from it is speed to delivery. It has improved our overall time to get new applications out with new code. That's true whether from a platform perspective, where we are quickly deploying up-to-date docker containers, or whether we are looking to deploy new code out to deliver a new application."
"The core features are the most important: We can host libraries, upload them, and they can be used across multiple teams."
"Navigation on the UI is easy and simple to understand."
"The searching capability is good... and we are managing multiple central repositories."
"Primarily, the extensive support for a wide range of packages is a crucial factor. The effectiveness of new-age package managers is often determined by the breadth of packages they can handle. In this regard, Nexus Repository Manager 3 stands out for its comprehensive coverage, accommodating a vast array of packages widely utilized across the globe. This inclusivity enables easy access to a diverse range of packages, making it a pivotal aspect of its functionality."
"If there are any issues in build security, it can pick them up straight away."
"We're looking for something that has additional reporting capabilities on data growth and data aging. This goes back to storage lifecycle management so that the actual Artifactory itself can provide these reports to either the administrators or the users. I don't know if it has those capabilities. That's something we have to look into regarding the self-service dashboard, but the tool itself having those capabilities would be great rather than trying to do it at the underlying storage hardware layer."
"I would like to see written technical support instead of having to contact them directly."
"The documentation is a bit sparse. That's our only complaint."
"Jira integration is something that I would like to see improved. I have already talked with their support, and there is a development ticket open for that. If there is any Xray-related information that should be shared within the development pipeline for security remediation or license or whatever, then I would like to see a ticket to be created automatically in the right project. That's something that's not working with Jira Cloud at the moment. Hopefully, they will be able to address that."
"It's an enterprise product that acts like an enterprise product. In other words, it's not a product where they focus on user experience. I wasn't an administrator, so I primarily worked with the command line tool to upload and download parts of the product. I was not impressed with that because it wasn't well documented. It was challenging to figure out how to get things to work."
"In some of the latest versions of JFrog's SaaS solution, they changed the user interface, the SSO settings, how you interact with them over API, and how you generate tokens. It was very confusing for me. The overall user management is very complicated."
"The latest version that I am using is 7.41. It has been upgraded graphics-wise, but there is a bit of slowness. They can improve the graphical interface for the admin jobs and make it faster."
"They could improve the user interface and REST APIs."
"Sonatype Nexus Repository could improve by making the experience working with CI/CD pipelines, such as GitHub Action or GitLab better."
"We had some issues with the container platform, but we raised a support ticket and it was sorted out for us."
"Particularly concerning OSF-type licenses, while they support a multitude of features, there's room for improvement in the single point transform, especially for grouping. It appears that currently, the grouping functionality is not robust, particularly for Docker images within a group. The support for this aspect seems to be contingent on the license type. For instance, with the Voss license type, there is a noticeable absence of support for this feature. This is an area that could benefit from enhancement in the upcoming updates."
"They should have some feature where we can move a specific repository from one instance of Nexus to another instance of Nexus. As of now, this feature doesn't exist."
"When it comes to uploading NPM libraries, JavaScript dependencies libraries, it is a little bit of a convoluted process. They need to improve uploading libraries for NPM-type repositories."
"We feel that if the product could be configured more easily through configuration files, instead of API calls and databases, that would make it easier to integrate with other DevOps tools. This is one of the hurdles that we encountered when we tried to integrate Nexus 3 with our OpenShift installation."
"They should provide automation for adding container images and artifacts in compliance with security requirements."
JFrog Artifactory is ranked 2nd in Repository Managers with 7 reviews while Sonatype Nexus Repository is ranked 1st in Repository Managers with 15 reviews. JFrog Artifactory is rated 7.8, while Sonatype Nexus Repository is rated 8.2. The top reviewer of JFrog Artifactory writes "Stores all our artifacts, allows users to manage permissions for their data, and is very stable". On the other hand, the top reviewer of Sonatype Nexus Repository writes "Vastly improved our whole release cycle; automated processes help to deliver code". JFrog Artifactory is most compared with Archiva, Bitbucket Data Center, Inedo ProGet and Cloudsmith, whereas Sonatype Nexus Repository is most compared with Archiva, Bitbucket Data Center, Inedo ProGet, EMCO Remote Installer and EMCO MSI Package Builder. See our JFrog Artifactory vs. Sonatype Nexus Repository report.
See our list of best Repository Managers vendors.
We monitor all Repository Managers reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.